VB2013 speaker spotlight

We speak to VB2013 presenter Andreas Lindh about his research interests and what he aims to bring to VB2013.

The VB2013 conference takes place this autumn (2-4 October) in Berlin, with an exciting programme that covers many of today's most pertinent security-related topics.

In the build-up to the event we are running a series of blogs in which we introduce the speakers and find out a bit more about their research interests and what they aim to bring to the conference.

Today, we speak to Andreas Lindh (ISecure), who will speak at VB2013 about reducing the window of exposure.

Tell us a little bit about yourself - your job and your responsibilities.

"I work as a security consultant for a Swedish company called I Secure Sweden AB - we are one of the leading providers of competence in SIEM and other security operations technologies in the Nordics. My customers are mainly large organizations in the public and private sector, and my assignments are usually as an analyst or architect.

"My day job consists of digging up and analysing suspicious activity in our customers networks, or acting as an advisor to customers in matters regarding their security architecture. I got into security about 10 years ago although I've only considered myself a security geek for the last 5 years or so."

Can you give us a brief outline of what you will be speaking about at VB2013?

"My talk is about how a lot of corporations are still relying on a traditional, very network perimeter-centric approach to defence, and that the models they are using are not really effective against software vulnerabilities in general, and 0-days in particular.

"In itself, this is nothing new, but as client-side attacks are becoming more and more common at the same time as users are connecting more and more outside of the protected network, this means that an unpatched vulnerability in an exposed piece of software (such as a browser) can quickly become extremely critical. Simply relying on patching has also proven to be insufficient, as several high-profile organizations have fallen prey to undisclosed vulnerabilities lately.

"Even in cases where patches are available, they might take weeks or even months to deploy. Because of this, I feel that a different approach to defence is needed to compliment the layers that already exist. This should be a more system-centric approach, focused on minimizing the impact of a software vulnerability-related breach instead of trying to stop attacks at the gate."

Why is your presentation particularly relevant to the security community?

"I feel that we are not doing enough in this area. Instead of whining about how poor vendor X's track record is when it comes to patching - which is something that we cannot really do anything about - we should focus on providing mitigating methods or alternatives. The whining actually only helps the bad guys, as all the constructive advice tends to get lost in the information security echo chamber. See it as a 'call to arms', if you will."

What can delegates learn from your presentation?

"I hope it will provide a reality check, I think a lot of people don't realize how poor the state of corporate security really is. I will also suggest a method for adding additional layers of defence - something that I think will be especially useful for defenders. What I will NOT do is tell people to go out and buy more blinky boxes, but rather to actually start using the ones they already have. Security tools in general are seriously under-utilized."

Have you visited Berlin before? What are you looking forward to seeing/doing whilst in town?

"No, I haven't visited Berlin before, but I'm really looking forward to going. I'm hoping to be able to visit some bars and I'd like to see the Brandenburger Tor and the Berlin Wall."

What else are you looking forward to at VB2013?

"Definitely hanging out and socializing with people who share my interests - that is always one of best things about going to security conferences. There are some people who I've only communicated with online who I'm really looking forward to meeting 'IRL', as the kids say. I'm also a big fan of beer, so I'll have to say the bar too."

Over the last few years SE Labs has tested more than 50 different security products against over 5,000 targeted attacks. In this guest blog post Stefan Dumitrascu, Chief Technical Officer at SE Labs, looks at the different attack tools available, how…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.